Information Systems Security
Mahmoud Youssef, PhD
Based on notes by Professor Vijay Atluri
The 3 Steps to Security
Policy
– defines the requirements that need to be implemented within the hardware and software external to the computer system including physical, personnel and procedural controls
– lays out broad goals without specifying how to achieve them
Mechanism
– implements the requirements of the policy
– one has to make sure that the mechanism performs intended functions
Assurance
– provides a measure of how well the mechanism meets the requirements of the policy
– low assurance mechanisms are easy to implement but also easy to subvert
– high assurance mechanisms are notoriously difficult to implement
Components of Security
Confidentiality: Prevention of Unauthorized disclosure of information
Integrity: Prevention of Unauthorized modification of information
Availability: Prevention of Improper denial of access to information
Network Security
Alice wants to send a private message to Bob over a public network
– What if someone intercepts and reads this message? (Confidentiality)
– What if someone intercepts and alters this message? (Integrity)
– What if someone pretending to be Alice forges a message and sends it to Bob? (Authentication)
– What if Alice denies sending of the message? (Non-repudiation of origin, Digital Signature); page 52 of the text gives a distinction between the two
– What if Bob denies the receipt of the message? (Non-repudiation of the destination)
Cryptography
A tool for confidentiality, integrity, authentication, non-repudiation, and digital signatures
Works for both passive and active attacks
Cryptology
– cryptography: the science of encryption (the good guys)
– cryptanalysis: analysis of cryptographic algorithms (the bad guys)
Cryptosystems
– Secret Key (also known as single key, symmetric key): existing for more than 1000 years
– Public Key (also known as two key, asymmetric key): since 1974
– both secret key and public key systems are in use and competing with each other
Secret Key Cryptosystem
[Figure: A feeds the plain text and key K into the encryption algorithm; the cipher text crosses an insecure channel to B, who recovers the plain text with the decryption algorithm and the same key K. The key K is shared over a secure channel.]
C = E(K,M)
M = D(K,C)
where
K = key
E = Encryption Algorithm
D = Decryption Algorithm
M = Plaintext Message
C = Ciphertext Message
Features of Secret Key Encryption
Uses:
– Solves confidentiality and integrity problems
– Can be used for Authentication
– Can be used to securely store information on insecure media
– Integrity check
Disadvantages:
– Key Distribution Problem: How to get the key to Alice and Bob? and to others?
– If everyone knows the Key, it is no longer a secret
Basic Encryption Techniques
Substitution
– Simple Alphabetic Substitution
– Huge key space: 26! (approximately 10^26)
– Trivially broken for known plaintext attack
– Easily broken for ciphertext only attack (for natural language plaintext)
– Multiple encipherment does not help
Permutation
– Example: Caesar ciphers
– Key space: N! for a block size of N
– Trivially broken for known plaintext attack
– Easily broken for ciphertext only attack (for natural language plaintext)
– Multiple encipherment does not help
Combinations and iterations of substitution and permutation
Substitution example:
ABCDEFGHIJKL....
FPAQFZYTLWXM..
Permutation example:
1 2 3 4
3 1 4 2
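An added example (not from the original slides) of why multiple encipherment does not help and why a known plaintext attack is trivial for simple alphabetic substitution: two keys compose into one equivalent key, and one known plaintext/ciphertext pair reveals the mapping. The key seeds, sample messages and function names are constructed for the illustration.

```python
import random
import string

ALPHABET = string.ascii_uppercase

def make_key(seed):
    """Return a substitution key: a seeded random permutation of A..Z."""
    letters = list(ALPHABET)
    random.Random(seed).shuffle(letters)
    return "".join(letters)

def encrypt(key, text):
    """Replace each letter by the key letter at the same alphabet position."""
    return text.upper().translate(str.maketrans(ALPHABET, key))

def decrypt(key, text):
    """Invert the substitution defined by key."""
    return text.translate(str.maketrans(key, ALPHABET))

def compose(k1, k2):
    """Single key equivalent to enciphering with k1 and then with k2."""
    return encrypt(k2, k1)

def recover_mapping(plain, cipher):
    """Known plaintext attack: read the mapping off one matching pair."""
    return {p: c for p, c in zip(plain, cipher) if p in ALPHABET}

def decrypt_with_mapping(mapping, cipher):
    """Decrypt using only the recovered mapping; unknown letters become '?'."""
    inverse = {c: p for p, c in mapping.items()}
    return "".join(
        inverse.get(ch, "?") if ch in ALPHABET else ch for ch in cipher
    )

# Constructed sample data: two keys, one known message, one secret message.
K1, K2 = make_key(1), make_key(2)
KNOWN = "THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG"
SECRET = "ATTACK AT DAWN"

if __name__ == "__main__":
    double = encrypt(K2, encrypt(K1, SECRET))
    print("double encipherment :", double)
    print("one composed key    :", encrypt(compose(K1, K2), SECRET))
    pair = recover_mapping(KNOWN, encrypt(K2, encrypt(K1, KNOWN)))
    print("recovered plaintext :", decrypt_with_mapping(pair, double))
```

The composed key is itself one of the 26! substitution keys, so the attacker faces the same cipher no matter how many substitution layers are stacked.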
Data Encryption Standard (DES)
DES is a product cipher with 56 bit key and 64 bit block size for plaintext and ciphertext
Developed by IBM and adopted by NIST (1977) with NSA approval for unclassified information
Efficient to implement in hardware, but relatively slow if implemented in software
E and D are public, but the design principles are classified
Algorithm:
– initial permutation
– the 56 bit key is used to generate sixteen 48-bit keys
– 16 rounds of substitution and permutation are performed
– swap left and right halves
– final permutation
The size of the key (56-bits) is one of the most controversial aspects of DES
How Secure is DES?
Has stood up remarkably well against 20 years of public cryptanalysis
– 1977: approved as a Federal standard with 5 year cycle of re-certification
– 1987: reluctantly reapproved for 5 years
– 1992: reaffirmed by NIST
DES known plaintext attack
– 56-bit key can be broken in 2^55 = 3.6*10^16 trials

Time required:
trials/second   56 bits       76 bits (3.8*10^22 trials)   46 bits (3.5*10^13 trials)
1               10^9 years    10^15 years                  10^6 years
10^3            10^6 years    10^12 years                  10^3 years
10^6            10^3 years    10^9 years                   1 year
10^9            1 year        10^6 years                   10 hours
10^12           10 hours      10^3 years                   40 seconds
Remarks on Secret Key System
Distribution of the Key is a Problem
Trillions of keys may be required because we need at least n(n-1) different keys if we have n customers
Public Key Cryptosystem
– solves the problem of key distribution provided a reliable channel for communication of public keys can be implemented
Public Key Cryptosystem
Security is based on infeasibility of computing B's private key, given the knowledge of
– B's public key
– chosen plaintext
– chosen ciphertext
[Figure: A encrypts the plaintext with B's public key, obtained over a reliable channel; B decrypts the ciphertext with B's private key.]
C = E(KE-B, M)
M = D(KD-B, C)
where
KE-B = Public (encryption) key of B, known to all
KD-B = Private (decryption) key of B, known only to B
E = Encryption Algorithm
D = Decryption Algorithm
M = Plaintext Message
C = Ciphertext Message
Digital Signatures in RSA
[Figure: A applies the decryption algorithm with A's private key to the plaintext; B applies the encryption algorithm with A's public key, obtained over a reliable channel, to recover the plaintext.]
Compare with Encryption in RSA
[Figure: A applies the encryption algorithm with B's public key, obtained over a reliable channel; B applies the decryption algorithm with B's private key to recover the plaintext.]
Signatures and Encryption
[Figure: A: Plain Text → D (A's Private Key) → Signed Plain Text → E (B's Public Key) → Encrypted Signed Plain Text. B: Encrypted Signed Plain Text → D (B's Private Key) → Signed Plain Text → E (A's Public Key) → Plain Text.]
We could do the encryption first followed by the signature.
Signature first has the advantage that the signature can be verified by parties other than B.
We could use DES for encryption
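The signature-first flow from the Signatures and Encryption figure, as an added example that is not from the original slides: textbook RSA with tiny constructed primes and no padding, so it shows the order of key use only. The primes, exponents, message and function names are assumptions; A's modulus is chosen smaller than B's so the signed value fits into B's block.

```python
# Textbook RSA on small integers; constructed toy keys, illustration only.

def make_key(p, q, e):
    """Return (public, private) = ((n, e), (n, d)) for primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))  # modular inverse, Python 3.8+

def apply_key(key, value):
    """E and D are the same operation in RSA: value^exponent mod n."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)

A_PUB, A_PRIV = make_key(61, 53, 17)  # sender A, n = 3233
B_PUB, B_PRIV = make_key(89, 97, 5)   # receiver B, n = 8633

def sign_then_encrypt(m):
    """A's side: D with A's private key, then E with B's public key."""
    signed = apply_key(A_PRIV, m)
    return apply_key(B_PUB, signed)

def receive(c):
    """B's side: D with B's private key, then E with A's public key."""
    signed = apply_key(B_PRIV, c)
    return signed, apply_key(A_PUB, signed)

def third_party_verify(m, signed):
    """Check a signed plaintext using A's public key only."""
    return apply_key(A_PUB, signed) == m

if __name__ == "__main__":
    message = 65  # constructed sample message, must be below A's modulus
    ciphertext = sign_then_encrypt(message)
    signed, recovered = receive(ciphertext)
    print("ciphertext on the wire:", ciphertext)
    print("B recovers            :", recovered)
    # B can hand (message, signed) to anyone; no private key of B is needed.
    print("third party accepts   :", third_party_verify(message, signed))
```

After decryption B holds the signed plaintext on its own, which is why a party other than B can verify it with A's public key.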